Let's say you have 3 servers -- Backup server A connected to Et1 of SW1, Server B connected to Et2 of SW1, and Server C connected to Et3 of SW1.

Now, if I understand your requirement correctly, Backup server A should be able to talk with both Server B and Server C. But, Server B and C should only be able to communicate with Backup server A; they should not be able to talk to each other, right?

If that's the case, then you can use the below configuration for private VLAN configuration:

Define a primary VLAN --> let's say VLAN 1000 (The ports on this VLAN will be able to talk with all the other ports of the VLAN - including the ones that are part of private VLAN)

Define the private VLAN (isolated) --> let's say VLAN 500

Associate the private VLAN (isolated) with the primary VLAN using "private-vlan isolated primary vlan <primary_VLAN_id>" under the private VLAN configuration

Config example:

vlan 1000

!

vlan 500

private-vlan isolated primary vlan 1000

!

interface Ethernet1

switchport access vlan 1000

!

interface Ethernet2

switchport access vlan 500

!

interface Ethernet3

switchport access vlan 500

!

Switch#show vlan 500,1000

VLAN Name Status Ports

----- ----------------- --------- ------------------

500 VLAN0500 active Et1, Et2, Et3+

1000 VLAN1000 active Et1+, Et2+, Et3

+ indicates a private VLAN promoted port

With the above configuration in place, Server B and Server C will only be able to communicate with Backup server A. However, Backup Server A should be able to talk with both the servers.

Note: The "private-vlan" feature support is only available for international EOS releases (not for US distributions).

Please try the above configuration on your device and let us know if you face any issues.

Recent Questions

DISCLAIMER:While this platform is not officially monitored by Arista Networks, Arista affiliated persons, including Arista employees, will periodically contribute. Arista affiliated persons are not authorized Arista spokespeople and contributions posted to this forum by Arista Networks employees, partners, and customers do not necessarily represent the position or view of Arista Networks.

This forum is NOT to be used for official Arista Networks product technical support. For technical support of any Arista product, please contact Technical Support at support@arista.com.